A U.K. government plan to allow the intelligence services to monitor all
UK Web communications is technologically impossible, according to experts from the London School of Economics.

The Interception
Modernisation Programme (IMP) calls for Internet service providers to record
the traffic details of all Web communications. They must also present those
details to the intelligence services and other public authorities in a way that
establishes the links between different pieces of data associated with, for
example, an individual's phone, email address or user IDs.

Professor Peter Sommer and Gus Hosein, an LSE visiting fellow, published
a report on Wednesday that criticized the government scheme. Sommer told
ZDNet Asia's sister site ZDNet UK that the requirements are technologically impossible, due to the way
data is transmitted on the Internet.

"Existing law is based on the old telephone system, where it was easy to
separate out communications data," Sommer said on Tuesday. "The problem with the
Internet is that it's all basically data bits."

The problem is made more complex by the blurring of boundaries in Web
communications between traffic data and content, and by the number of protocols
used. Not only are a multiplicity of Web protocols used by different companies,
Sommer said, but those protocols are changed periodically, making interception
as proposed by the government very difficult.

"If Microsoft rewrites Windows Live, [the government] would have to rewrite
the [interception] protocol," said Sommer.

The government has proposed that ISPs use deep
packet inspection, in which every data packet is opened and examined, to
derive a picture of who is communicating with whom at any one time.

In the report, Sommer and Hosein wrote that the devices used for deep packet
inspection, known as "black boxes", will have to collect large amounts of
traffic associated with each Internet user, discard whatever appears to be
content, and combine the different streams of traffic to create the
interlinked data picture of the individual.

"This is an impossibility," Sommer said.

In the report, Sommer and Hosein also criticized the scheme for its extension
of intelligence-service powers.

"If the boxes were under the control of GCHQ, then the entire existing fabric
of warrants, authorizations and judgements over 'necessity' and
'proportionality' would collapse," wrote the authors.

Crunching the numbersSommer also said the LSE is
concerned about the cost of the scheme, which the government has projected at
2 billion pounds (US$3.3 million) over 10 years.

"The figure of 2 billion pounds (US$3.3 million) leads to endless questions about how the
figures were derived, and where the costs are borne," he said.

The Home Office on Wednesday declined to give details about how the scheme's
costs would break down. The programme will be cross-government, but will be
funded by the U.K. Home Office, said a spokesperson.

The Home Office said it needed the capability to track all
communications.

"Communications data plays a vital role in tackling serious crimes such as
child sex abuse, kidnap, murder and drug related crime, as well as in public
protection," the Home Office said in a statement.

"Technology is evolving, and new innovative forms of Internet-based communications are emerging. If we do not
make changes now to maintain existing capabilities and look ahead to the future,
the police, security and intelligence agencies will no longer be able to use this data to fight crime."

In terms of privacy, the Home Office said that it will "ensure there are
stringent safeguards inbuilt into any future proposals", and added that it had
launched
a consultation on the matter.

"We know that this is a complex and sensitive subject, with a fine balance to
be made between protecting public safety and civil liberties. Because of this we
have launched a public consultation to seek views from interested parties,
including communication service providers," said the Home Office statement.

ZDNet Asia's sister site ZDNet UK understands that the Home Office believes there are sufficient
privacy safeguards in place for the work of both the intelligence service and
other security services. These include Ripa, the Human Rights Act and the Data Protection Act.

Thank You

By registering you become a member of the CBS Interactive family of sites and you have read and agree to the Terms of Use, Privacy Policy and Video Services Policy. You agree to receive updates, alerts and promotions from CBS and that CBS may share information about you with our marketing partners so that they may contact you by email or otherwise about their products or services.
You will also receive a complimentary subscription to the ZDNet's Tech Update Today and ZDNet Announcement newsletters. You may unsubscribe from these newsletters at any time.